LastPass, the cloud storage system for passwords, suffered a breach in late 2022 that has caused ripples in the security world. Some elements of user data were taken, although many were encrypted. The company has downplayed the potential effect. Security advisers have not. LastPass seems to have taken the right path in terms of prompt disclosure and investigation, which should be a no-brainer at this point. It also had internal policies that may help limit its exposure (and any losses to users), although that remains to be seen.
Why It Matters